Systems and methods for granting access to digital content using electronic tickets and ticket tokens

ABSTRACT

Systems and methods for granting access to digital content using electronic tickets and ticket tokens in accordance with embodiments of the invention are disclosed. One embodiment includes a processor, and memory configured to store an electronic ticket, and a ticket token. In addition, the processor is configured to authenticate a merchant server, receive a request for a ticket token for a specific piece of content from the merchant server, generate a ticket token that expires after a predetermined time period, associate the ticket token with an electronic ticket, send the ticket token to the merchant server for delivery to a user device, receive a request to access the identified piece of digital content from the user device, where the request includes the ticket token, send the electronic ticket and access information to the user device, and expire the ticket token.

CROSS-REFERENCE TO RELATED APPLICATIONS

The current application claims priority to U.S. Provisional Application No. 61/583,807, filed Jan. 6, 2012, the disclosure of which is incorporated herein by reference.

FIELD OF THE INVENTION

The present invention relates generally to digital rights management (DRM) systems and more specifically to authentication of user devices when purchasing and requesting access to DRM protected multimedia content.

BACKGROUND OF THE INVENTION

When a customer visits a movie theater, the process typically involves purchasing a “ticket” at the ticket booth and having the ticket “torn” when the customer enters the theater. A ticket serves as a physical proof of purchase for the right to view a particular movie. A ticket can change possession from the purchaser to another customer and can be used by either person. When a ticket is claimed by entering the theater and being torn, the ticket is thought to be redeemed by the customer presenting the ticket and henceforth the viewing rights granted by the ticket are owned by that customer.

In a digital multimedia playback system, viewing rights are generally governed by possession of physical media that contains digital content. When the content is not tied to physical media, such as when digital content is streamed over a network, a digital rights management (DRM) system is often used to restrict access to the content. Such systems typically involve user accounts and associating purchased content with a user account. A user device may be registered to a user account and then have access to the content purchased under that user account.

SUMMARY OF THE INVENTION

Systems and methods for granting access to digital content using electronic tickets and ticket tokens in accordance with embodiments of the invention are disclosed. One embodiment of the invention includes a processor, and memory configured to store an electronic ticket, and a ticket token. In addition, the processor is configured to authenticate a merchant server, receive a request for a ticket token from the merchant server where the request identifies a piece of digital content, generate a ticket token that expires after a predetermined time period, associate the ticket token with an electronic ticket, send the ticket token to the merchant server for delivery to a user device, receive a request to access the identified piece of digital content from the user device, where the request includes the ticket token, send the electronic ticket and access information for the identified piece of digital content associated with the electronic ticket to the user device, and expire the ticket token.

In a further embodiment, the processor is further configured to authenticate a user device registered to a user account and associate an electronic ticket with the user account based upon the ticket token received from the user device.

In another embodiment, the request for a ticket token contains at least one field selected from the group of: a customer identifier, a content identifier, a merchant identifier, an account link identifier, a license identifier, a stream identifier, a transaction identifier, and a price.

In a still further embodiment, the processor is further configured to generate a new electronic ticket to represent a new purchase.

In still another embodiment, the processor is further configured to send the electronic ticket to the merchant server.

In a yet further embodiment, the request to access the identified piece of digital content further includes identification of a user account to which the user device is registered.

In yet another embodiment, the processor is further configured to associate the electronic ticket with the user account.

In a further embodiment again, the processor is further configured to associate the user device with the user account.

In another embodiment again, the request to access the identified piece of digital content further includes information that identifies the characteristics or capabilities of the user device.

In a further additional embodiment, the processor is further configured to validate the ticket token.

In another additional embodiment, the processor is further configured to enforce rules on the playback of content based upon the ticket token.

In a still yet further embodiment, the processor is further configured to enforce rules on the playback of content based upon device characteristics.

In still yet another embodiment, the access information includes at least one piece of information selected from the group of: a top level index of the digital content, an identifier for the digital content, and cryptographic data that can be used to access the digital content.

An embodiment of the method of the invention includes authenticating a merchant server using a DRM server, receiving a request for a ticket token from the merchant server at the DRM server, where the request identifies a piece of digital content, generating a ticket token that expires after a predetermined time period using the DRM server, associating the ticket token with an electronic ticket using the DRM server, sending the ticket token to the merchant server for delivery to a user device using the DRM server, authenticating a user device registered to a user account using the DRM server, receiving a request to access the identified piece of digital content from the user device using the DRM server, where the request includes the ticket token, associating an electronic ticket with the user account based upon the ticket token received from the user device using the DRM server, sending the electronic ticket and access information for the identified piece of digital content associated with the electronic ticket to the user device using the DRM server, and expiring the ticket token using the DRM server.

A further embodiment of the method of the invention also includes authenticating a user device registered to a user account and associating an electronic ticket with the user account based upon the ticket token received from the user device.

In another embodiment of the method of the invention, the request for a ticket token contains at least one field selected from the group of: a customer identifier, a content identifier, a merchant identifier, an account link identifier, a license identifier, a stream identifier, a transaction identifier, and a price.

A still further embodiment of the method of the invention also includes generating a new electronic ticket to represent a new purchase.

Still another embodiment of the method of the invention also includes sending the electronic ticket to the merchant server.

In a yet further embodiment of the method of the invention, the request to access the identified piece of digital content further includes identification of a user account to which the user device is registered.

Yet another embodiment of the method of the invention also includes associating the electronic ticket with the user account.

A further embodiment again of the method of the invention also includes associating the user device with the user account.

In another embodiment again of the method of the invention, the request to access the identified piece of digital content further includes information that identifies the characteristics or capabilities of the user device.

A further additional embodiment of the method of the invention also includes validating the ticket token.

Another additional embodiment of the method of the invention also includes enforcing rules on the playback of content based upon the ticket token.

A still yet further embodiment of the method of the invention also includes enforcing rules on the playback of content based upon device characteristics.

In still yet another embodiment of the method of the invention, the access information includes at least one piece of information selected from the group consisting of: a top level index of the digital content, an identifier for the digital content, and cryptographic data that can be used to access the digital content.

Another further embodiment comprises a merchant server, a DRM server, a content server, and a user device. In addition, the merchant server, DRM server, content server, and user device are configured to communicate via a network, the merchant server is configured to authenticate a user account maintained by the merchant server, the user device is configured to request a piece of digital content from the merchant server, the DRM server is configured to authenticate the merchant server, the merchant server is configured to request a ticket token associated with the requested piece of content from the DRM, the merchant server is configured to provide the ticket token to the user device, the DRM server is configured to authenticate the user device as being registered to a user account maintained by the DRM server, the user device is configured to provide the ticket token to the DRM server, the DRM server is configured to associate an electronic ticket with the user account to which the user device is registered, and the DRM server is configured to provide the user device with access information for the requested digital content and the electronic ticket.

Another further embodiment of the method of the invention includes authenticating a user account maintained by a merchant server using the merchant server, requesting a piece of digital content from the merchant server using a user device, authenticating the merchant server using a DRM server, requesting a ticket token associated with the requested piece of content from the DRM server using the merchant server, providing the ticket token to the user device using the merchant server, authenticating the user device as being registered to a user account maintained by the DRM server using the DRM server, providing the ticket token to the DRM server using the user device, associating an electronic ticket with the user account to which the user device is registered using the DRM server, and providing the user device with the electronic ticket and access information for the requested digital content using the DRM server.

BRIEF DESCRIPTION OF THE DRAWINGS

FIG. 1 is a system-level overview illustrating a DRM and content distribution system in accordance with an embodiment of the invention.

FIG. 2 is a flow chart illustrating a process for providing a user device with access to digital content using an electronic ticket and ticket token, in accordance with an embodiment of the invention.

FIG. 2A is a flow chart illustrating a process for providing a user device with access to digital content using an electronic ticket and ticket token on a user device, in accordance with an embodiment of the invention.

FIG. 2B is a flow chart illustrating a process for providing a user device with access to digital content using an electronic ticket and ticket token on a DRM server, in accordance with an embodiment of the invention.

FIG. 3 conceptually illustrates a user device, which stores an electronic ticket and ticket token in memory, in accordance with an embodiment of the invention.

FIG. 4 conceptually illustrates a DRM server, which stores electronic tickets and ticket tokens in memory, in accordance with an embodiment of the invention.

DETAILED DISCLOSURE OF THE INVENTION

Turning now to the drawings, systems and methods for granting access to digital content using electronic tickets and ticket tokens are illustrated. In many embodiments, a user device can communicate with merchant servers, digital rights management (DRM) servers, and content servers to request access to and play back digital content. A user device may be configured with a web browser, web application, or other application that provides a user interface to a customer. The interface typically displays the digital content available from a merchant and is populated with data from the merchant server.

In many embodiments, a user device can purchase the right to access digital content from a merchant server. However, the user device obtains the cryptographic information used to access the purchased content directly from a DRM server. In several embodiments, a merchant server requests that the DRM server issue the right to access a piece of digital content to one of its customers. In response to the request, the DRM server generates an electronic ticket. The DRM server can also generate a ticket token associated with the electronic ticket at that time and/or when a user device requests playback of the content via the merchant website. The electronic ticket is evidence of the right of a user device registered with the DRM server to playback DRM protected content. The ticket token is a temporary credential that can be used to obtain the electronic ticket from the DRM server by a playback device that is registered with the DRM server and/or to obtain cryptographic information enabling playback of the content from the DRM server. In many instances the DRM server cannot authenticate the user device that is purchasing the content from the merchant server. The DRM server can provide the ticket token to the merchant server, which passes the ticket token to the user device used to purchase the content. Provided the user device or another user device onto which the token is loaded is registered with the DRM server, the user device can provide the ticket token to the DRM server and obtain the electronic ticket and any cryptographic information needed to access the purchased content. At which point, the user device can request the DRM protected content from the content server and commence playback using the cryptographic information. The use of electronic tickets, and ticket tokens to authenticate the right of a user device to playback digital content in accordance with embodiments of the invention is discussed further below.

System Architecture

A system including user devices that can communicate with merchant servers, DRM servers and content servers to access digital content in accordance with an embodiment of the invention is illustrated in FIG. 1. The system 10 includes a number of different types of user device 12 that each has the capability to request digital content over a network. The user devices 12 communicate with a merchant server 14, digital rights management (DRM) server 16 and content server 18 over a network such as the Internet 20. In a number of embodiments, merchant server 14 provides a “store front” like interface accessible to customers via a web browser or other application on their user device 12. The DRM server 16 can be used to authenticate user devices 12 and provide cryptographic information used to access digital content. In several embodiments, the content server 18 is a server that can deliver digital content to the user devices 12. The content can be downloaded and/or streamed by the user devices 12.

An electronic ticket issued by the DRM server in response to the purchase of content that serves as a representation of the purchase can be used to facilitate access of the purchased content in a coordinated fashion among the user device 12, merchant server 14, DRM server 16, and content server 18. In many embodiments, however, the merchant server 14 is unable to authenticate the user device 12 that purchased the content to the DRM server 16. Accordingly, the DRM server 16 issues a ticket token to the merchant server 14 that acts as a temporary credential. In several embodiments, the ticket token is a single use credential that can be utilized by a user device that authenticates itself to the DRM server to obtain the electronic ticket and/or cryptographic information enabling playback of the content. In a number of embodiments, the ticket token is generated when the user device requests playback of the content and expires within a predetermined period of time. In other embodiments, the ticket token, is generated when the user device purchases the content.

The merchant server 14 can provide the ticket token to the user device 12 that purchased the content. Provided the user device 12 is registered with the DRM server 16, the user device 12 can authenticate itself to the DRM server and exchange the ticket token for the electronic ticket that evidences the user device's right to access the purchased content. Where the user device 12 that purchased the content is not authorized to participate within the DRM system administered by the DRM server 16, the ticket token can be transferred to a device that is capable of participating within the DRM system. In embodiments where the DRM server registers user devices with user accounts, DRM system can provide an electronic ticket to a registered user device and can associate the electronic ticket with the user account to which the device is registered. In this way, other user devices registered to the user account can request access to the purchased content following the initial exchange of the ticket token for the electronic ticket. In instances where the user device has previously requested playback of the content, the user device can be in possession of the electronic ticket. When the user device again requests playback of the content via the merchant website (for example by streaming), the merchant can provide the electronic ticket to the DRM server to obtain a ticket token. The user device can then use the ticket token to access the content in the manner outlined above and the DRM server can authenticate that the electronic ticket provided by the merchant server is associated with the user device attempting to play back the content prior to providing cryptographic information enabling play back of the content to the user device.

Although a specific architecture is shown in FIG. 1 any of a variety of architectures can be utilized that enable user devices to securely access digital content using electronic tickets and ticket tokens in accordance with embodiments of the invention. For example, each of the servers illustrated in FIG. 1 can be a server system comprising multiple load balanced servers and/or servers that perform different functions. In addition, the functions of the servers illustrated in FIG. 1 can be combined and/or divided amongst different servers and server systems in accordance with embodiments of the invention. Electronic tickets, ticket tokens, and the use of tickets to access digital content in accordance with embodiments of the invention are discussed further below.

Electronic Tickets

An electronic ticket represents the purchased right to access a piece of digital content. Electronic tickets can also be used to represent the right to playback any DRM protected content including free content that is not capable of being freely distributed and content played back under a subscription agreement. Accordingly, references to purchased content can be considered to encompass more than just requests to access DRM protected content that involve a direct payment and can extend to any request for access to content. An electronic ticket can be a string, binary data, or other electronic representation of information that includes at least a unique identifier for the content with which the electronic ticket is associated.

Electronic tickets typically remain valid for the life of the purchase. When the purchase is a rental of the content, the ticket may be expired after the rental period. A ticket can initially be in a conceptually “untorn” state before it is used to access content. It is not yet associated with any particular user account and/or user device, and can be transferred from the purchaser to any other user, for instance as a gift. The electronic ticket may be “torn” and associated with a user account and/or user device that then holds the exclusive rights granted by that ticket. Whether a DRM system associates an electronic ticket with a user account or a user device can depend on whether the DRM system grants access rights on a device or user basis. Thereafter, that user account and/or user device is considered the owner or holder of the ticket. An electronic ticket may be torn, for example, when it is used for the first time to access content or in response to a user device exchanging a ticket token for an electronic ticket (see discussion below). An electronic ticket's torn or untorn status can be indicated by a variety of methods including (but not limited to) a field within the ticket or an associated field in a database where the ticket is stored.

An electronic ticket may be expressed in a variety of formats that can store the associated information. One suitable format is Extensible Markup Language (XML) defined in the XML 1.0 Specification by the World Wide Web Consortium (W3C) of Cambridge, Mass. and related specifications. XML specifies a textual data format for documents to be both human-readable and machine-readable.

In many embodiments of the invention, an electronic ticket may contain, reference, or be associated with some characteristics of the purchase it represents. Characteristics can include (but are limited to) the content that was purchased, the license describing how the content can be played (high definition or standard definition, rental or purchase, download or streaming, etc.), the purchase price, the merchant transaction identifier (ID), the customer who purchased the ticket, the customer owning the ticket if the ticket is torn. Cryptographic information that can be used to decode or decrypt the digital content may also be associated with a ticket. The characteristics or cryptographic information may be stored as part of the electronic ticket or the ticket may have a pointer or identifier to where the information may be found.

Ticket Token

A ticket token can be generated and associated with an electronic ticket as a temporary credential, which can be exchanged for an electronic ticket by a user device that is registered with a DRM system. In many embodiments, a merchant server requests a ticket token from a DRM server when a user request playback of content. In several embodiments, the merchant server requests a ticket token from the server when the user purchases content. The request may contain information such as (but not limited to) a content identifier, a merchant identifier, an account link identifier, a license identifier, a stream identifier, a transaction identifier, currency, and/or price. The ticket token that is returned may reference the electronic ticket, customer, and current content request. The first time the user device requests playback, the user device can exchange the ticket token for an electronic ticket. After the user device has obtained the electronic ticket, a further playback request can identify the electronic ticket and a DRM server can issue a ticket token that is used to authenticate that the user device attempting to playback the content is registered to the user account with which the electronic tickets is associated.

In several embodiments, the merchant server provides the ticket token to a user device only after the user device or a user account enabled on the user device is authenticated by the merchant server. The DRM server can issue the ticket token without authenticating the user device. The authentication occurs when the ticket token is used to request playback of the content and/or exchanged for the electronic ticket by a user device. In many embodiments, the DRM server may determine when a session is complete and expire the token, or expire the token after a certain amount of time has passed. Moreover, a token can typically only be used once. Methods for granting access to DRM protected content using electronic tickets and associated ticket tokens in accordance with embodiments of the invention are discussed further below.

Obtaining a Ticket and Ticket Token to Facilitate Playback

Typically a customer will buy or otherwise request access to digital content on a merchant's web site or through some other type of interface that shows the merchant's digital content offerings. The customer may use a personal computer with a web browser application, a user device with an on-screen interface, or other interactive user device to view the merchant's offerings. The customer typically has an account with the merchant and logs in using the account, or first creates a new account if there is no existing account. The purchased content can be viewed in the future (i.e., the associated electronic ticket is untorn) or immediately played back. In several embodiments, the content is streamed and/or viewed while it is being downloaded.

In many embodiments, the process of purchasing and playing back content involves a merchant obtaining a ticket token from a DRM server. A user device that obtains the ticket token can exchange it with the DRM server for an electronic ticket evidencing the user device's right to play back the purchased content and cryptographic information necessary to play back the purchased content. A process 100 for granting user devices with access to digital content purchased via a merchant using an electronic ticket and an associated electronic token in accordance with an embodiment of the invention is shown in FIG. 2.

A DRM server authenticates (102) a merchant server. Authentication may involve establishing a certain level of identification and trust between the merchant server and the DRM server and/or the DRM system to which the DRM server belongs.

A user device sends (104) a request for digital content to a merchant server.

The merchant server sends (106) a request for a ticket token to a DRM server. If it is a new purchase, an electronic ticket may not yet exist and the merchant server may also request that a new electronic ticket be created to represent the purchase. In several embodiments of the invention, the request may also include information to be associated with the purchase. The information may include (but is not limited to) a content identifier, merchant link identifier, account link identifier, license identifier, stream identifier, transaction identifier, currency, and/or price.

The DRM server generates (108) a ticket token and associates the token with the electronic ticket that represents the purchase. If it is a new purchase, the DRM server creates a new electronic ticket. If playback is requested of content that was previously purchased and played back by a user device registered to a user's account with the DRM server, the ticket token is associated with the existing electronic ticket. In various embodiments of the invention, the digital content may be transferring via a streaming protocol for immediate viewing or downloaded at a later time to be viewed in a disconnected playback mode (i.e., not in immediate communication with a server). If streamed immediately, the electronic ticket may be “torn” immediately. If the content is to be downloaded at a later time, the electronic ticket may be “untorn” and retain the ability to be transferred to another customer before being “torn” and associated with that customer's account. The electronic ticket may be stored on a user device, deleted from the device when playback is requested, and embedded in a container file with the content for disconnected playback as will be discussed further below.

The DRM server sends (110) the ticket token to the merchant server. If the merchant server does not yet have the electronic ticket (e.g., for a new purchase), the DRM server can also send the electronic ticket. In many embodiments, the merchant server stores the electronic ticket for future reference.

The merchant server sends (112) the ticket token to the user device.

The user device sends (114) the ticket token to the DRM server. In the communication with the DRM server, the user device may also send information about the customer and/or the device that identifies or describes the customer and/or device. For example, the user device may be authenticated with the DRM server. Authentication may include the device identifying itself as registered to a specific user account. The user account may be the same the account the consumer or user device holds with the merchant server, or (more typically) a separate account that the consumer or user device holds with the DRM system to which the DRM server belongs.

In many embodiments of the invention, the device may send information that identifies the brand and model of the device, or the graphics and audio capabilities of the device (e.g., high definition, multi-channel audio, MPEG4 decoding). The information can be used to help authenticate the device to the DRM system and determine the appropriate format of the content to provide to the device. Systems and processes for collecting information about a user device and representing the information using a device match data token include those disclosed in U.S. patent application Ser. No. 13/339,315 entitled “Binding of Cryptographic Content Using Unique Device Characteristics with Server Heuristics,” the disclosure of which is hereby incorporated by reference in its entirety.

The DRM server validates (116) the ticket token, e.g., by checking that the token has not yet been used and is not expired. The DRM server uses the ticket token to determine the electronic ticket to which it refers and customer information for the customer who sent the request.

The DRM server may associate (118) the electronic ticket with the customer's user account and register the user device to the user account if they are not already so registered, using the customer information associated with the ticket token and device match data it may have received from the user device.

In many embodiments of the invention, the DRM server may also verify the play request according to certain rules using the ticket token and/or a device match data token. For example, the DRM server may enforce concurrency and device rules on the playback of content. A concurrency rule may stipulate that only one device on the user account can play back any content at a time, or that a specific piece of content may only be played on one device at a time. Device rules may include limiting high definition content to user devices such as set-top boxes connected to television displays. A device match data token identifies the type of device so the DRM server can look up the device type to determine the appropriate format of content.

In many embodiments of the invention, the electronic ticket and/or the ticket token contain information to identify the license under which the content can be played. The DRM server can use the ticket information to retrieve the license information and generate or retrieve access information that the user device can use to access or decrypt the requested content. Access information can include (but is not limited to) a top level index file of the digital content, an identifier or location pointer for the digital content, and/or cryptographic data that can be used to access and/or decrypt the content. In several embodiments of the invention, a top level index file describes the location and content of container files containing streams of media that can be utilized by the playback device to stream and playback content. In adaptive bitrate streaming systems, the top level index file typically references the alternative streams that the playback device can switch between. Systems and methods for automatically generating top level index files for use in adaptive bitrate stream include those disclosed in U.S. patent application Ser. No. 13/341,789 entitled “Systems and Methods for Automatically Generating Top Level Index Files,” filed on Dec. 30, 2011, the disclosure of which is hereby incorporated by reference in its entirety.

The DRM server sends (120) the electronic ticket to the user device. In several embodiments, the electronic ticket embedded in another file. The ticket may be embedded in a file that also contains the content that was requested, e.g., in the header of a multimedia container file. In many embodiments, the DRM server also sends the access information that is used to access or play back the content that was requested. The DRM server invalidates the token by expiring (122) it.

Using the received electronic ticket and access information, the user device can play back the requested content via download or streaming. In many embodiments of the invention, the content is hosted on a content server that is accessible to the user device over a network. The user device may request the content from the content server. The content may be downloaded and played (124) during download or after downloading is complete, or streamed and played while being transferred to the user device. The user device may send a signal such as a “heartbeat” to the DRM server to let the server know that it is currently playing back content and/or the position in the file that is being played back. The DRM server can use this information for functions such as providing a resume feature so that the customer can stop playback and restart at the same position on the same or a different user device.

Although a specific process is illustrated in FIG. 2, any of a variety of processes for utilizing an electronic ticket and a ticket token that references the electronic ticket for providing a user device with access to purchased digital content can be utilized in accordance with embodiments of the invention.

Processes similar to the process illustrated in FIG. 2 may be implemented by configuring user devices and servers to exchange electronic tickets and ticket tokens. A generalized process 130 for using a user device to obtain access to digital content purchased via a merchant using an electronic ticket and an associated electronic token in accordance with an embodiment of the invention is shown in FIG. 2A. A customer uses a user device to purchase (132) content or request the playback of purchased content. The user device receives (134) a ticket token from a merchant server. The user device sends (136) the ticket token to a DRM server in a request for access to digital content. The user device receives (138) an electronic ticket that is referenced by or otherwise associated with the ticket token and access information for the digital content from the DRM server. Using the electronic ticket and access information, the user device receives and plays back (140) the requested content. In many embodiments of the invention, the content is hosted on a content server that is accessible to the user device over a network. Although a specific process is illustrated in FIG. 2A, any of a variety of processes for utilizing an electronic ticket and a ticket token that references the electronic ticket for providing a user device with access to purchased digital content can be utilized in accordance with embodiments of the invention.

A generalized process 150 for using a DRM server to provide a user device with access to digital content purchased via a merchant using an electronic ticket and an associated electronic token in accordance with an embodiment of the invention is shown in FIG. 2B. The DRM server authenticates (152) a merchant server. The DRM server receives (154) a request for a ticket token from a merchant server. The DRM server generates (156) a ticket token and associates the token with an electronic ticket. If there is no preexisting ticket (e.g., for a new purchase), the DRM server also creates the electronic ticket. The DRM server sends (158) the ticket token to the merchant server for delivery to a user device. The DRM server authenticates (160) a user device. The DRM server receives (162) the ticket token in a request for access to digital content from the user device and validates (164) the token. If user account information is provided, the DRM server associates (166) the electronic ticket with the user account. The DRM server sends (168) the electronic ticket referenced by or otherwise associated with the ticket token to the user device with access information for the digital content that was requested. The DRM server expires (170) the ticket token. Although a specific process is illustrated in FIG. 2B, any of a variety of processes for utilizing an electronic ticket and a ticket token that references the electronic ticket for providing a user device with access to purchased digital content can be utilized in accordance with embodiments of the invention. User devices and DRM servers that can utilize electronic tickets and ticket tokens in accordance with embodiments of the invention are discussed further below.

User Devices

In many embodiments of the invention, an electronic ticket is stored on a playback device to enable the user device to access content through a DRM system using the electronic ticket. A user device configured to access purchased content using electronic tickets in accordance with an embodiment of the invention is shown in FIG. 3. The playback device 30 includes a processor 32, memory 34, and a network interface 35. In the illustrated embodiment, the electronic tickets 36 and ticket tokens 38 can be stored in memory. Typically, the memory is non-volatile memory to provide persistent storage of the electronic tickets 36 and the ticket tokens 38. In a number of embodiments, the electronic ticket 38 may be contained inside a container file together with the content to which it refers. In several embodiments, a ticket may be stored on a purchaser's user device after purchase, may be transferred to another device if given as a gift, and may be deleted in its isolated form (i.e., outside a container file) from the device when it is torn. Tickets are typically treated this way in a disconnected playback mode. In several embodiments, a client application 39 configures the user device to communicate with the merchant server to purchase content and obtain ticket tokens. The client application 39 also configures the user device to authentic itself with a DRM server and to request cryptographic information to play back content using a ticket token and/or exchange the ticket token for an electronic ticket. Although a specific user device architecture is illustrated in FIG. 3, any of a variety of architectures that are capable of managing interactions with servers and playback of digital content in the manner outlined above can be utilized in accordance with embodiments of the invention can

DRM Servers

In many embodiments of the invention, electronic tickets and ticket tokens may be stored on a merchant server or a DRM server (e.g., in a database) for reference, to track purchases, and to provide user devices with access to content. A merchant or DRM server may look up an electronic ticket using fields such as (but not limited to) a customer email address, merchant identifier, content identifier, or merchant transaction identifier. A DRM server configured to issue electronic tickets and ticket tokens and to provide cryptographic information enabling playback of DRM protected content in accordance with an embodiment of the invention is shown in FIG. 4. The DRM server includes a processor 52 and memory 54. In the illustrated embodiment, the memory 54 includes multiple electronic tickets 56 and ticket tokens 58. As is discussed above, the DRM server can be configured by DRM server application software 59 to manage the generation of electronic tickets, the issuance of ticket tokens associated with the electronic tickets, and the association of electronic tickets with users and/or user devices. In addition, the DRM server application software 59 can manage the issuance of cryptographic information (not shown) to playback devices that are authorized to playback content, the authorization of which is evidenced by an electronic ticket.

Although the description above contains many specificities, these should not be construed as limiting the scope of the invention but as merely providing illustrations of some of the presently preferred embodiments of the invention. Various other embodiments are possible within its scope. Accordingly, the scope of the invention should be determined not by the embodiments illustrated, but by the appended claims and their equivalents. 

What is claimed is:
 1. A digital rights management server, comprising: a processor; and memory configured to store: an electronic ticket, a ticket token; wherein the processor is configured to: authenticate a merchant server; receive a request for a ticket token from the merchant server where the request identifies a piece of digital content; generate a ticket token that expires after a predetermined time period; associate the ticket token with an electronic ticket; send the ticket token to the merchant server for delivery to a user device, receive a request to access the identified piece of digital content from the user device, where the request includes the ticket token; send the electronic ticket and access information for the identified piece of digital content associated with the electronic ticket to the user device; and expire the ticket token.
 2. The digital rights management server of claim 1, wherein the processor is further configured to authenticate a user device registered to a user account and associate an electronic ticket with the user account based upon the ticket token received from the user device.
 3. The digital rights management server of claim 1, wherein the request for a ticket token contains at least one field selected from the group consisting of: a customer identifier, a content identifier, a merchant identifier, an account link identifier, a license identifier, a stream identifier, a transaction identifier, and a price.
 4. The digital rights management server of claim 1, wherein the processor is further configured to generate a new electronic ticket to represent a new purchase.
 5. The digital rights management server of claim 1, wherein the processor is further configured to send the electronic ticket to the merchant server.
 6. The digital rights management server of claim 1, wherein the request to access the identified piece of digital content further includes identification of a user account to which the user device is registered.
 7. The digital rights management server of claim 6, wherein the processor is further configured to associate the electronic ticket with the user account.
 8. The digital rights management server of claim 6, wherein the processor is further configured to associate the user device with the user account.
 9. The digital rights management server of claim 1, wherein the request to access the identified piece of digital content further includes information that identifies the characteristics or capabilities of the user device.
 10. The digital rights management server of claim 1, wherein the processor is further configured to validate the ticket token.
 11. The digital rights management server of claim 1, wherein the processor is further configured to enforce rules on the playback of content based upon the ticket token.
 12. The digital rights management server of claim 1, wherein the processor is further configured to enforce rules on the playback of content based upon device characteristics.
 13. The digital rights management server of claim 1, wherein the access information includes at least one piece of information selected from the group consisting of: a top level index of the digital content, an identifier for the digital content, and cryptographic data that can be used to access the digital content.
 14. A method for enabling playback of digital content on a user device using an electronic ticket and an ticket token, the method comprising: authenticating a merchant server using a DRM server; receiving a request for a ticket token from the merchant server at the DRM server, where the request identifies a piece of digital content; generating a ticket token that expires after a predetermined time period using the DRM server; associating the ticket token with an electronic ticket using the DRM server; sending the ticket token to the merchant server for delivery to a user device using the DRM server; authenticating a user device registered to a user account using the DRM server; receiving a request to access the identified piece of digital content from the user device using the DRM server, where the request includes the ticket token; associating an electronic ticket with the user account based upon the ticket token received from the user device using the DRM server; sending the electronic ticket and access information for the identified piece of digital content associated with the electronic ticket to the user device using the DRM server; and expiring the ticket token using the DRM server.
 15. The method of claim 14, further comprising authenticating a user device registered to a user account and associating an electronic ticket with the user account based upon the ticket token received from the user device.
 16. The method of claim 14, wherein the request for a ticket token contains at least one field selected from the group consisting of: a customer identifier, a content identifier, a merchant identifier, an account link identifier, a license identifier, a stream identifier, a transaction identifier, and a price.
 17. The method of claim 14, further comprising generating a new electronic ticket to represent a new purchase.
 18. The method of claim 14, further comprising sending the electronic ticket to the merchant server.
 19. The method of claim 14, wherein the request to access the identified piece of digital content further includes identification of a user account to which the user device is registered.
 20. The method of claim 19, further comprising associating the electronic ticket with the user account.
 21. The method of claim 19, further comprising associating the user device with the user account.
 22. The method of claim 14, wherein the request to access the identified piece of digital content further includes information that identifies the characteristics or capabilities of the user device.
 23. The method of claim 14, further comprising validating the ticket token.
 24. The method of claim 14, further comprising enforcing rules on the playback of content based upon the ticket token.
 25. The method of claim 14, further comprising enforcing rules on the playback of content based upon device characteristics.
 26. The method of claim 14, wherein the access information includes at least one piece of information selected from the group consisting of: a top level index of the digital content, an identifier for the digital content, and cryptographic data that can be used to access the digital content.
 27. A system comprising: a merchant server; a DRM server; a content server; and a user device; wherein the merchant server, DRM server, content server, and user device are configured to communicate via a network; wherein the merchant server is configured to authenticate a user account maintained by the merchant server; wherein the user device is configured to request a piece of digital content from the merchant server; wherein the DRM server is configured to authenticate the merchant server; wherein the merchant server is configured to request a ticket token associated with the requested piece of content from the DRM; wherein the merchant server is configured to provide the ticket token to the user device; wherein the DRM server is configured to authenticate the user device as being registered to a user account maintained by the DRM server; wherein the user device is configured to provide the ticket token to the DRM server; wherein the DRM server is configured to associate an electronic ticket with the user account to which the user device is registered; and wherein the DRM server is configured to provide the user device with access information for the requested digital content and the electronic ticket.
 28. A method for enabling playback of digital content on a user device using an electronic ticket and an ticket token, the method comprising: authenticating a user account maintained by a merchant server using the merchant server; requesting a piece of digital content from the merchant server using a user device; authenticating the merchant server using a DRM server; requesting a ticket token associated with the requested piece of content from the DRM server using the merchant server; providing the ticket token to the user device using the merchant server; authenticating the user device as being registered to a user account maintained by the DRM server using the DRM server; providing the ticket token to the DRM server using the user device; associating an electronic ticket with the user account to which the user device is registered using the DRM server; and providing the user device with the electronic ticket and access information for the requested digital content using the DRM server.
 29. A machine readable medium containing processor instructions, where execution of the instructions by a processor causes the processor to perform a process comprising: authenticating a merchant server; receiving a request for a ticket token from the merchant server where the request identifies a piece of digital content; generating a ticket token that expires after a predetermined time period; associating the ticket token with an electronic ticket; sending the ticket token to the merchant server for delivery to a user device; authenticating a user device registered to a user account; receiving a request to access the identified piece of digital content from the user device, where the request includes the ticket token; associating an electronic ticket with the user account based upon the ticket token received from the user device; sending the electronic ticket and access information for the identified piece of digital content associated with the electronic ticket to the user device; and expiring the ticket token. 